WIP
This commit is contained in:
parent
6250609a30
commit
0633a3de65
|
@ -26,7 +26,7 @@ export async function fetchSelf(ctx: UserCtx) {
|
||||||
}
|
}
|
||||||
|
|
||||||
const appId = context.getAppId()
|
const appId = context.getAppId()
|
||||||
let user: ContextUser = await getFullUser(ctx, userId)
|
let user: ContextUser = await getFullUser(userId)
|
||||||
// this shouldn't be returned by the app self
|
// this shouldn't be returned by the app self
|
||||||
delete user.roles
|
delete user.roles
|
||||||
// forward the csrf token from the session
|
// forward the csrf token from the session
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
import { generateUserFlagID, InternalTables } from "../../db/utils"
|
import { generateUserFlagID, InternalTables } from "../../db/utils"
|
||||||
import { getFullUser } from "../../utilities/users"
|
import { getFullUser } from "../../utilities/users"
|
||||||
import { context } from "@budibase/backend-core"
|
import { context } from "@budibase/backend-core"
|
||||||
import { Ctx, UserCtx } from "@budibase/types"
|
import { Ctx, FetchUserMetadataResponse, UserCtx } from "@budibase/types"
|
||||||
import sdk from "../../sdk"
|
import sdk from "../../sdk"
|
||||||
|
|
||||||
export async function fetchMetadata(ctx: Ctx) {
|
export async function fetchMetadata(ctx: Ctx<null, FetchUserMetadataResponse>) {
|
||||||
ctx.body = await sdk.users.fetchMetadata()
|
ctx.body = await sdk.users.fetchMetadata()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -44,7 +44,7 @@ export async function destroyMetadata(ctx: UserCtx) {
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function findMetadata(ctx: UserCtx) {
|
export async function findMetadata(ctx: UserCtx) {
|
||||||
ctx.body = await getFullUser(ctx, ctx.params.id)
|
ctx.body = await getFullUser(ctx.params.id)
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function setFlag(ctx: UserCtx) {
|
export async function setFlag(ctx: UserCtx) {
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
const { roles, utils } = require("@budibase/backend-core")
|
import { roles, utils } from "@budibase/backend-core"
|
||||||
const { checkPermissionsEndpoint } = require("./utilities/TestFunctions")
|
import { checkPermissionsEndpoint } from "./utilities/TestFunctions"
|
||||||
const setup = require("./utilities")
|
import * as setup from "./utilities"
|
||||||
const { BUILTIN_ROLE_IDS } = roles
|
|
||||||
|
|
||||||
jest.setTimeout(30000)
|
jest.setTimeout(30000)
|
||||||
|
|
||||||
|
@ -47,8 +46,8 @@ describe("/users", () => {
|
||||||
request,
|
request,
|
||||||
method: "GET",
|
method: "GET",
|
||||||
url: `/api/users/metadata`,
|
url: `/api/users/metadata`,
|
||||||
passRole: BUILTIN_ROLE_IDS.ADMIN,
|
passRole: roles.BUILTIN_ROLE_IDS.ADMIN,
|
||||||
failRole: BUILTIN_ROLE_IDS.PUBLIC,
|
failRole: roles.BUILTIN_ROLE_IDS.PUBLIC,
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
@ -56,7 +55,7 @@ describe("/users", () => {
|
||||||
describe("update", () => {
|
describe("update", () => {
|
||||||
it("should be able to update the user", async () => {
|
it("should be able to update the user", async () => {
|
||||||
const user = await config.createUser({ id: `us_update${utils.newid()}` })
|
const user = await config.createUser({ id: `us_update${utils.newid()}` })
|
||||||
user.roleId = BUILTIN_ROLE_IDS.BASIC
|
user.roleId = roles.BUILTIN_ROLE_IDS.BASIC
|
||||||
delete user._rev
|
delete user._rev
|
||||||
const res = await request
|
const res = await request
|
||||||
.put(`/api/users/metadata`)
|
.put(`/api/users/metadata`)
|
||||||
|
@ -74,14 +73,18 @@ describe("/users", () => {
|
||||||
const res1 = await request
|
const res1 = await request
|
||||||
.put(`/api/users/metadata`)
|
.put(`/api/users/metadata`)
|
||||||
.set(config.defaultHeaders())
|
.set(config.defaultHeaders())
|
||||||
.send({ ...user, roleId: BUILTIN_ROLE_IDS.BASIC })
|
.send({ ...user, roleId: roles.BUILTIN_ROLE_IDS.BASIC })
|
||||||
.expect(200)
|
.expect(200)
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
|
|
||||||
const res = await request
|
const res = await request
|
||||||
.put(`/api/users/metadata`)
|
.put(`/api/users/metadata`)
|
||||||
.set(config.defaultHeaders())
|
.set(config.defaultHeaders())
|
||||||
.send({ ...user, _rev: res1.body.rev, roleId: BUILTIN_ROLE_IDS.POWER })
|
.send({
|
||||||
|
...user,
|
||||||
|
_rev: res1.body.rev,
|
||||||
|
roleId: roles.BUILTIN_ROLE_IDS.POWER,
|
||||||
|
})
|
||||||
.expect(200)
|
.expect(200)
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
|
|
||||||
|
@ -95,14 +98,14 @@ describe("/users", () => {
|
||||||
await request
|
await request
|
||||||
.put(`/api/users/metadata`)
|
.put(`/api/users/metadata`)
|
||||||
.set(config.defaultHeaders())
|
.set(config.defaultHeaders())
|
||||||
.send({ ...user, roleId: BUILTIN_ROLE_IDS.BASIC })
|
.send({ ...user, roleId: roles.BUILTIN_ROLE_IDS.BASIC })
|
||||||
.expect(200)
|
.expect(200)
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
|
|
||||||
await request
|
await request
|
||||||
.put(`/api/users/metadata`)
|
.put(`/api/users/metadata`)
|
||||||
.set(config.defaultHeaders())
|
.set(config.defaultHeaders())
|
||||||
.send({ ...user, roleId: BUILTIN_ROLE_IDS.POWER })
|
.send({ ...user, roleId: roles.BUILTIN_ROLE_IDS.POWER })
|
||||||
.expect(409)
|
.expect(409)
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
})
|
})
|
||||||
|
@ -129,7 +132,7 @@ describe("/users", () => {
|
||||||
.expect(200)
|
.expect(200)
|
||||||
.expect("Content-Type", /json/)
|
.expect("Content-Type", /json/)
|
||||||
expect(res.body._id).toEqual(user._id)
|
expect(res.body._id).toEqual(user._id)
|
||||||
expect(res.body.roleId).toEqual(BUILTIN_ROLE_IDS.ADMIN)
|
expect(res.body.roleId).toEqual(roles.BUILTIN_ROLE_IDS.ADMIN)
|
||||||
expect(res.body.tableId).toBeDefined()
|
expect(res.body.tableId).toBeDefined()
|
||||||
})
|
})
|
||||||
})
|
})
|
|
@ -9,6 +9,7 @@ import { ScreenAPI } from "./screen"
|
||||||
import { ApplicationAPI } from "./application"
|
import { ApplicationAPI } from "./application"
|
||||||
import { BackupAPI } from "./backup"
|
import { BackupAPI } from "./backup"
|
||||||
import { AttachmentAPI } from "./attachment"
|
import { AttachmentAPI } from "./attachment"
|
||||||
|
import { UserAPI } from "./user"
|
||||||
|
|
||||||
export default class API {
|
export default class API {
|
||||||
table: TableAPI
|
table: TableAPI
|
||||||
|
@ -21,6 +22,7 @@ export default class API {
|
||||||
application: ApplicationAPI
|
application: ApplicationAPI
|
||||||
backup: BackupAPI
|
backup: BackupAPI
|
||||||
attachment: AttachmentAPI
|
attachment: AttachmentAPI
|
||||||
|
user: UserAPI
|
||||||
|
|
||||||
constructor(config: TestConfiguration) {
|
constructor(config: TestConfiguration) {
|
||||||
this.table = new TableAPI(config)
|
this.table = new TableAPI(config)
|
||||||
|
@ -33,5 +35,6 @@ export default class API {
|
||||||
this.application = new ApplicationAPI(config)
|
this.application = new ApplicationAPI(config)
|
||||||
this.backup = new BackupAPI(config)
|
this.backup = new BackupAPI(config)
|
||||||
this.attachment = new AttachmentAPI(config)
|
this.attachment = new AttachmentAPI(config)
|
||||||
|
this.user = new UserAPI(config)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,48 @@
|
||||||
|
import { FetchUserMetadataResponse } from "@budibase/types"
|
||||||
|
import TestConfiguration from "../TestConfiguration"
|
||||||
|
import { TestAPI } from "./base"
|
||||||
|
|
||||||
|
export class UserAPI extends TestAPI {
|
||||||
|
constructor(config: TestConfiguration) {
|
||||||
|
super(config)
|
||||||
|
}
|
||||||
|
|
||||||
|
fetch = async (
|
||||||
|
{ expectStatus } = { expectStatus: 200 }
|
||||||
|
): Promise<FetchUserMetadataResponse> => {
|
||||||
|
const res = await this.request
|
||||||
|
.get(`/api/users/metadata`)
|
||||||
|
.set(this.config.defaultHeaders())
|
||||||
|
.expect("Content-Type", /json/)
|
||||||
|
|
||||||
|
if (res.status !== expectStatus) {
|
||||||
|
throw new Error(
|
||||||
|
`Expected status ${expectStatus} but got ${
|
||||||
|
res.status
|
||||||
|
} with body ${JSON.stringify(res.body)}`
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
return res.body
|
||||||
|
}
|
||||||
|
|
||||||
|
get = async (
|
||||||
|
id: string,
|
||||||
|
{ expectStatus } = { expectStatus: 200 }
|
||||||
|
): Promise<GetUserMetadataResponse> => {
|
||||||
|
const res = await this.request
|
||||||
|
.get(`/api/users/metadata/${id}`)
|
||||||
|
.set(this.config.defaultHeaders())
|
||||||
|
.expect("Content-Type", /json/)
|
||||||
|
|
||||||
|
if (res.status !== expectStatus) {
|
||||||
|
throw new Error(
|
||||||
|
`Expected status ${expectStatus} but got ${
|
||||||
|
res.status
|
||||||
|
} with body ${JSON.stringify(res.body)}`
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
return res.body
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,11 +1,13 @@
|
||||||
import { InternalTables } from "../db/utils"
|
import { InternalTables } from "../db/utils"
|
||||||
import { getGlobalUser } from "./global"
|
import { getGlobalUser } from "./global"
|
||||||
import { context, roles } from "@budibase/backend-core"
|
import { context, roles } from "@budibase/backend-core"
|
||||||
import { UserCtx } from "@budibase/types"
|
import { ContextUserMetadata, UserCtx, UserMetadata } from "@budibase/types"
|
||||||
|
|
||||||
export async function getFullUser(ctx: UserCtx, userId: string) {
|
export async function getFullUser(
|
||||||
|
userId: string
|
||||||
|
): Promise<ContextUserMetadata> {
|
||||||
const global = await getGlobalUser(userId)
|
const global = await getGlobalUser(userId)
|
||||||
let metadata: any = {}
|
let metadata: UserMetadata | undefined = undefined
|
||||||
|
|
||||||
// always prefer the user metadata _id and _rev
|
// always prefer the user metadata _id and _rev
|
||||||
delete global._id
|
delete global._id
|
||||||
|
@ -14,11 +16,11 @@ export async function getFullUser(ctx: UserCtx, userId: string) {
|
||||||
try {
|
try {
|
||||||
// this will throw an error if the db doesn't exist, or there is no appId
|
// this will throw an error if the db doesn't exist, or there is no appId
|
||||||
const db = context.getAppDB()
|
const db = context.getAppDB()
|
||||||
metadata = await db.get(userId)
|
metadata = await db.get<UserMetadata>(userId)
|
||||||
|
delete metadata.csrfToken
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
// it is fine if there is no user metadata yet
|
// it is fine if there is no user metadata yet
|
||||||
}
|
}
|
||||||
delete metadata.csrfToken
|
|
||||||
return {
|
return {
|
||||||
...metadata,
|
...metadata,
|
||||||
...global,
|
...global,
|
||||||
|
|
|
@ -6,3 +6,4 @@ export * from "./rows"
|
||||||
export * from "./table"
|
export * from "./table"
|
||||||
export * from "./permission"
|
export * from "./permission"
|
||||||
export * from "./attachment"
|
export * from "./attachment"
|
||||||
|
export * from "./user"
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
import { ContextUserMetadata } from "src/documents"
|
||||||
|
|
||||||
|
export type FetchUserMetadataResponse = ContextUserMetadata[]
|
Loading…
Reference in New Issue